$OpenBSD: patch-src_player_c,v 1.3 2015/03/17 00:13:24 sthen Exp $

Security fix for CVE-2006-3376. Diff from Ubuntu. (fixed by naddy@)

--- src/player.c.orig	Tue Dec 10 19:30:26 2002
+++ src/player.c	Tue Mar 17 00:12:11 2015
@@ -22,6 +22,7 @@
 #endif
 
 #include <stdio.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
 #include <math.h>
@@ -130,6 +131,13 @@ wmf_error_t wmf_scan (wmfAPI* API,unsigned long flags,
 		{	WMF_DEBUG (API,"bailing...");
 			return (API->err);
 		}
+	}
+
+	if (MAX_REC_SIZE(API) > SIZE_MAX / 2)
+	{
+		API->err = wmf_E_InsMem;
+		WMF_DEBUG (API,"bailing...");
+		return (API->err);
 	}
 
 /*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
